<?php
namespace Home\Controller;
session(array('name'=>'session_id','expire'=>3600,'article_id'=>0,'user_id'=>0,'userid'=>0));
//设置全局变量保存用户的id和用户的姓名和临时的文章id
use Think\Controller;
class IndexController extends Controller {
        
        public function lecture()
        {
            $tip='nice';//如果没有设置姓名默认为nicce
            $data=M('users');
            $id=session('userid');//通过全局id查询用户名
            $name=$data->where("user_id=$id")->field('user_name')->select();
            if(session(userid)!=0)
                $this->assign('name',$name);
            else
                $this->assign('tip',$tip);
            $this->display();
        }

        public function article()
        {
            $data=M('articles');
            $mydata['article_title']=$_POST['article'];//获取标题
            $result=$data->where($mydata)->find();
            
            $test=$data->field('user_id')->where($mydata)->select();
            //通过文章标题获取用户id
            $id_article=$data->field('article_id')->where($mydata)->select();//通过用户id获取文章id
            
            session('user_id',intval($test[0]['user_id']));
            //保存文章作者id
            session('article_id',intval($id_article[0]['article_id']));
            //保存文章id

            //echo session('article_id');
            //echo gettype($test[0]['user_id']).$test[0]['user_id'];
            if($result){
                //$this->success('成功','wen.html',2);
            echo '<script language="javascript">
                    window.location.href="wen.html"; 
                    </script>';
            }
            else{
                $this->error('失败');
            }

        }
        public function wen(){
            $look=M('articles');
            $data=M('users');
            $com=M('comment');
            session('article_id');
            //刷新文章的id
            $id_article['article_id']=session('article_id');
            //获取点击后的文章id
            
            $title=$look->field('article_title')->where($id_article)->select();
            $content=$look->field('article_content')->where($id_article)->select();
            $date=$look->field('article_CreateTime')->where($id_article)->select();
            //获取文章的具体信息
            
            $userid=$look->where($id_article)->field('user_id')->select();
            $username=$data->where($userid)->field('user_name')->select();
            $comment=$com->where($id_article)->field('user_name,comment_content,comment_date')->select();
            //通过全局的用户id和文章id获取用户id和name值

            $this->assign('comment',$comment);
            $this->assign('username',$username);
            $this->assign('title',$title);
            $this->assign('content',$content);
            $this->assign('date',$date);
            //控制器将值传向模板
            $this->display();
        }
        public function wen_submit()
        {
            if(session('name')!=' '&&session('name')!=null)
            {
                $com=M('comment');
                $date= date('Y-m-d H:i:s');
                $content['comment_content']=$_POST['comment'];
                $content['user_name']=session('name');
                $content['comment_date']=$date;
                $content['article_id']=session('article_id');

                if($com->add($content)){
                    echo '<script language="javascript">
                            location.href="wen"; 
                       </script>';
                }
                else{
                    echo '<script language="javascript">
                           alert("comment error!");
                            location.href="wen"; 
                        </script>';
                }
            }else{
                echo '<script language="javascript">
                        alert("please login frist!");
                        location.href="wen"; 
                        </script>';
            }
        }
        public function loginpost(){
            $data['user_name']=$_POST['name'];
            $data['user_password']=$_POST['password'];
            $rule=M('users');   
            $mydata=$rule->where($data)->find();
            $status=$rule->where($data)->field('user_id')->select();
            //获取当前用户的id
            
            session('userid',intval($status[0]['user_id']));
            session('name',$data['user_name']);
            //将当前已登陆的用户id和姓名保存到全局变量中
            //dump($tele);

            if($mydata){
                //echo session('name');
                //
                echo '<script language="javascript">
                    location.href="home_page"; 
                    </script>';
            }
            else{
                echo '<script language="javascript">
                    alert("password or count error!");
                    location.href="logintest.html"; 
                    </script>';
            }
        }
        public function loginout()
        {
            session('user_id',0);
            session('userid',0);
            session('name',' ');
            //登出，将所有的变量置为默认值
            echo '<script language="javascript">
                    alert("loginout success !");
                    location.href="homepage.html"; 
                    </script>';
        }
        public function article_submit()
        {
            //文章提交前先判断用户是否登陆
            if(session('userid'))
            {
                $data=M('articles');
                $date= date('Y-m-d H:i:s');
                if($data->where('article_id=1')->find());
                else
                {
                    $mydata['article_id']=1;
                    $mydata['article_content']="test";
                    $mydata['article_title']="test";
                    $mydata['article_CreateTime']=$date;
                    $data->add($mydata);
                }
                $base=$data->where('article_id=1')->getfield('article_content');
                $mydata['article_content']=htmlspecialchars($_POST['article']);
                $mydata['article_title']=htmlspecialchars($_POST['title']);
                //将文章转换为html格式的文本写入数据库
                $mydata['article_CreateTime']=$date;
                $ko=session('userid');
                $mydata['user_id']="$ko";
                
                if($data->add($mydata))
                echo '<script language="javascript">
                    alert("pulish success!");
                    location.href="me.html"; 
                    </script>';
                else
                    $this->error('文章添加失败！','lecture.html',1);
            }else{
                echo '<script language="javascript">
                    alert("pleas login frist!");
                    location.href="me.html"; 
                    </script>';
            }
            //$this->success('','login.html'); 
        } 
        public function regist() {
            $data=M('users');
            $register['user_name']=$_POST['username'];
            $register['user_password']=$_POST['password1'];
            $register['user_address']=$_POST['useradd'];
            $register['user_tele']=$_POST['contact'];
            $register['user_sex']=$_POST['optionsRadios'];
            $register['user_signature']=$_POST['signature'];

            if($data->add($register))
            {
                echo '<script language="javascript">
                    alert("register success! please login first!");
                    location.href="logintest"; 
                    </script>';
            }else{
                $this->error('注册失败');
            }

        }
        public function home_page(){
            if(session('name')!=' ')
            {
                $data=M('articles');
                $com=M('comment');
                $title=$data->field('article_title')->select();
                $article=$data->field('substr(article_content,1,500)')->select();
                $list=$data->limit(10)->select();
                $name=session('name');            
                $this->assign('list',$list);
                $this->assign('name',$name);
                $this->display();
            }else{
                echo '<script language="javascript">
                    location.href="homepage"; 
                    </script>';
            }
        }
        public function homepage(){
            if(session('name')==' ')
            {   
                $data=M('articles');
                $title=$data->field('article_title')->select();
                $article=$data->field('substr(article_content,1,500)')->select();
                $list=$data->limit(10)->select();
                $this->assign('list',$list);
                $this->display();
            }else{
                echo '<script language="javascript">
                    location.href="home_page"; 
                    </script>';
            }
        }

    public function login2(){

        session('username',$_POST['name']);
        $data["user_name"] =$_POST["name"];//接受用户名
        $data["user_password"]=$_POST["password"];           //接受用户密码
        $Dao=M('users');
        $a['user_name']=$data["user_name"];//test
        $F=$Dao->where($a)->field('user_id')->select();//test
        echo"id=".$F[0]['user_id'];//test
        dump($F);
        session('user_id',$F[0]['user_id']);//test
        $result = $Dao->where($data)->find();           //判断登录信息

        if($result){//作出反应

            echo "登录成功,1s后自动跳转.....";
            echo '<meta http-equiv="refresh" content="8;url=me.html"/>';
        
        }else{
            $s='登录失败！';
            echo $s;
        }
    }
    public function me(){
        //$U=M('user');
        //$result = $U->\
        if(session('name')!=' '&&session('name')!=null)
        {  
            $list=session('username');
            $s=session('userid');
            $name=session('name');
            $this->assign('list',$list);
            //$this->display();
            $_SESSION['username'];
            //echo"_SESSION['name']";
            $data=M('articles');
            $dat['user_id']=$s; 
            $result=$data->where("user_id=$s")->select();
        
            $logo=M('users');
            $signature=$logo->where("user_id=$s")->field('user_signature')->select();
            $info=$logo->where("user_id=$s")->select();
            $this->assign('signature',$signature);
            $this->assign('info',$info);

            $this->assign('result',$result);
            $this->assign('name',$name);  
            $this->display();
        }else{
            echo '<script language="javascript">
                    alert("please login frist!");
                    location.href="logintest"; 
                    </script>';
        }
    }




//------------------------------------------------------------------------

    public function myway()
        {
            echo 'nihao';
        }
        public function BOOK()
        {
            $this->display();
        }

        public function calc(){
            $a=10;
            $b=4;
            $sum=$a+$b;
            $i=$_POST['text'];
            $this->assign('sum',$sum+$i);
            $this->display();
        }
        public function testsql(){
            $data=M('users');
            $article=M('articles');
            if($data)
            {
                echo 'yes'.'<br>';

            }
            else{
                echo 'no';
            }
            session('name','op');
            echo session('name');
            $mydata=$article->field('SUBSTRING(article_title,1,100)')->select();
            foreach($mydata as $key){
                foreach ($key as $mine) {
                    echo $mine.'<br>';
                }
            }
            echo $mydata[1];
            $list=$data->limit(10)->select();
            $this->assign('mydata',$mydata);
            $this->assign('list',$list);
            $this->display();
            //$this->success('','BOOK.html',2);

        }

        public function test1()
        {
            $name=$_POST['username'];
            $test="123333333333333333333333333";
            if ( $name== 'admin'){
                $this->ajaxReturn($test,'',true);
            }else{
                $this->ajaxReturn('','用户名错误！',0);
            }
        }
        
        public function inject_check($sql_str) {
        $check= eregi('select|insert|update|delete|\'|\/\*|\*|\.\.\/|\.\/|union|into|load_file
|outfile', $sql_str);//检测特殊字符
        if($check)
        {
            echo "非法字符!";
            exit();
        }else
        {
            return $sql_str;
        }
    }
    function uh($str)
    {
        $farr = array(
            "/s+/", //过滤多余的空白
            "/<(/?)(script|i?frame|style|html|body|title|link|meta|?|%)([^>]*?)>/isU", //过滤 <script 等可能引入恶意内容或恶意改变显示布局的代码,如果不需要插入flash等,还可以加入<object的过滤
            "/(<[^>]*)on[a-zA-Z]+s*=([^>]*>)/isU", //过滤javascript的on事件
        );
        $tarr = array(
            " ",
            "<\1\2\3>", //如果要直接清除不安全的标签，这里可以留空
            "\1\2",
        );
        $str = preg_replace( $farr,$tarr,$str);
        return $str;
    }
    public function test()
    {
        $a[]="Anna";
        $a[]="Brittany";
        $a[]="Cinderella";
        $a[]="Diana";
        $a[]="Eva";
        $a[]="Fiona";
        $a[]="Gunda";
        $a[]="Hege";
        $a[]="Inga";
        $a[]="Johanna";
        $a[]="Kitty";
        $a[]="Linda";
        $a[]="Nina";
        $a[]="Ophelia";
        $a[]="Petunia";
        $a[]="Amanda";
        $a[]="Raquel";
        $a[]="Cindy";
        $a[]="Doris";
        $a[]="Eve";
        $a[]="Evita";
        $a[]="Sunniva";
        $a[]="Tove";
        $a[]="Unni";
        $a[]="Violet";
        $a[]="Liza";
        $a[]="Elizabeth";
        $a[]="Ellen";
        $a[]="Wenche";
        $a[]="Vicky";
        
        //获得来自 URL 的 q 参数
        $q=$_GET["q"];

        //如果 q 大于 0，则查找数组中的所有提示
        if (strlen($q) > 0)
        {
            $hint="";
            for($i=0; $i<count($a); $i++)
            {
                if (strtolower($q)==strtolower(substr($a[$i],0,strlen($q))))
                {
                    if ($hint=="")
                        {
                            $hint=$a[$i];
                        }
                    else
                        {
                            $hint=$hint." , ".$a[$i];
                        }
                }
            }
        }

        // 如果未找到提示，则把输出设置为 "no suggestion"
        // 否则设置为正确的值
        if ($hint == "")
        {
            $response="no suggestion";
        }
        else
        {   
            $response=$hint;
        }

        //输出响应
        echo $response;
    }
    function addtwo(){
        $m=M('users');
        $mydata['user_name']=$_POST['title'];
        $mydata['user_password']=$_POST['message'];
        $test="cao ni ma";
        //$this->assign('mydata',$mydata);
        $this->success($test,1); 

    }
}